User Perceptions of Information Security: Evidence from Takoradi Technical University

Abstract

This study related to the importance of information and information technology in today's global business. The global nature of information systems also exposes them to threats which make them prone to security breaches. Information risks are several internal and external, making it almost impossible for only information security professionals to handle. This therefore reinforces the need to involve end-users in by educating them to be aware of threats, and their role in curbing those threats. Related information security literature was reviewed to establish the business problem theoretically. Using focus group discussions and open-ended interview guide, data was collected from non-security employees from Takoradi Polytechnic. The data provided understanding of the employees' present security needs, employees perception of information security, employees' personal security initiative, and level of information security awareness. The key findings in the study suggested that, currently some arrangements have been made to ensure information security; however, there is the need for more non-computer-based arrangements such as physical security, training and data backup systems. Further, because some respondents did not perceive the current security arrangement to be adequate, they took personal initiatives like using passwords, using formal communication channels for obtaining information which falls outside their domain or function, and seldom reporting any perceived security threats. These personal initiatives seemed to be the basis for the employees' self-rating of their level of information security awareness, not some training they had acquired.

Received: 8 September 2022 / Accepted: 29 October 2022 / Published: 5 November 2022